lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAADnVQKbrkOxfNoixUx-RLJEWULJLyhqjZ=M_X2cFG_APwNyCg@mail.gmail.com>
Date:   Fri, 17 Sep 2021 12:10:34 -0700
From:   Alexei Starovoitov <alexei.starovoitov@...il.com>
To:     Jakub Kicinski <kuba@...nel.org>
Cc:     Lorenzo Bianconi <lorenzo@...nel.org>, bpf <bpf@...r.kernel.org>,
        Network Development <netdev@...r.kernel.org>,
        Lorenzo Bianconi <lorenzo.bianconi@...hat.com>,
        "David S. Miller" <davem@...emloft.net>,
        Alexei Starovoitov <ast@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>, shayagr@...zon.com,
        John Fastabend <john.fastabend@...il.com>,
        David Ahern <dsahern@...nel.org>,
        Jesper Dangaard Brouer <brouer@...hat.com>,
        Eelco Chaudron <echaudro@...hat.com>,
        Jason Wang <jasowang@...hat.com>,
        Alexander Duyck <alexander.duyck@...il.com>,
        Saeed Mahameed <saeed@...nel.org>,
        "Fijalkowski, Maciej" <maciej.fijalkowski@...el.com>,
        "Karlsson, Magnus" <magnus.karlsson@...el.com>,
        tirthendu.sarkar@...el.com,
        Toke Høiland-Jørgensen <toke@...hat.com>
Subject: Re: [PATCH v14 bpf-next 00/18] mvneta: introduce XDP multi-buffer support

On Fri, Sep 17, 2021 at 12:00 PM Jakub Kicinski <kuba@...nel.org> wrote:
>
> On Fri, 17 Sep 2021 11:43:07 -0700 Alexei Starovoitov wrote:
> > > If bpf_xdp_load_bytes() / bpf_xdp_store_bytes() works for most we
> > > can start with that. In all honesty I don't know what the exact
> > > use cases for looking at data are, either. I'm primarily worried
> > > about exposing the kernel internals too early.
> >
> > I don't mind the xdp equivalent of skb_load_bytes,
> > but skb_header_pointer() idea is superior.
> > When we did xdp with data/data_end there was no refine_retval_range
> > concept in the verifier (iirc or we just missed that opportunity).
> > We'd need something more advanced: a pointer with valid range
> > refined by input argument 'len' or NULL.
> > The verifier doesn't have such thing yet, but it fits as a combination of
> > value_or_null plus refine_retval_range.
> > The bpf_xdp_header_pointer() and bpf_skb_header_pointer()
> > would probably simplify bpf programs as well.
> > There would be no need to deal with data/data_end.
>
> What are your thoughts on inlining? Can we inline the common case
> of the header being in the "head"? Otherwise data/end comparisons
> would be faster.

Yeah. It can be inlined by the verifier.
It would still look like a call from bpf prog pov with llvm doing spill/fill
of scratched regs, but it's minor.

Also we can use the same bpf_header_pointer(ctx, ...)
helper for both xdp and skb program types. They will have different
implementation underneath, but this might make possible writing bpf
programs that could work in both xdp and skb context.
I believe cilium has fancy macros to achieve that.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ